1. Field of the Invention
Embodiments of the disclosure relate in general to the field of computers and similar technologies, and in particular to software utilized in this field. Still more particularly, it relates to the validation of user credentials submitted to a data source by an untrusted intermediary.
2. Description of the Related Art
The way in which Web-based information is aggregated, assembled, and presented continues to evolve. In the early days of the Internet, content was treated as static elements that were assembled, typically by using hypertext markup language (html) code, to create Web pages. Later, technologies such as JavaServer Pages and Active Server Pages, were developed to allow software developers to dynamically generate HTML, extensible markup language (XML), or other types of documents in response to a Web client request. Today, content that exists in different formats can be retrieved from multiple sources on the Web and be combined into a mashup to create entirely new and innovative services. Further, through the use of AJAX and other Web applications informally known as Web 2.0, individual content elements within a Web page can be updated in near-real-time without refreshing the entire Web page.
However, current methods of creating mashups can introduce security concerns. As one example, Web browsers typically incorporate a same-origin policy as a security feature that is used to keep malicious code hosted on a Web site within one domain from requesting data, such as stored credentials, from a site on another domain. As a result, the same-origin policy forces Web applications used in mashups to either sacrifice security or functionality. Another security issue associated with mashups is the submission of user credentials for authentication and authorization. A mashup, acting as an intermediary for a user, may not be able to send user credentials to a data source with its requests. This may be due to the user and the data source not fully trusting the mashup as an intermediary, or the mashup not having the ability to supply the user's credentials to the data source in a compatible format. As one example of a data source, databases are not well equipped today to perform this validation/transformation step. Current solutions typically employ trusted intermediaries to store database authentication credentials and supply them to the database on behalf of the user. Storing user credentials with an untrusted mashup intermediary makes them subject to compromise, and as a result, the authenticity of the user's identity likewise becomes untrusted.
One potential approach to addressing this issue is to have the intermediary repeatedly prompt the user for secrets to authenticate their identity, which is inconvenient for the user, and also exposes the secrets to compromise by the intermediary if it is untrusted. Another known approach is the Google Account Authentication Proxy for Web Applications, which can accept identity tokens generated by a stand-alone authentication server to authenticate a user. However, while it will accept an identity token submitted by an intermediary on behalf of a user, all submitted credentials must be of the same type and format. Furthermore, the back-end service for validating the submitted credentials must reside in the same administration domain as the data source. Yet another known approach is the Yale information Technology Services (ITS) Central Authentication Service (CAS). It is similar in nature to the Google service described above, with the addition of single sign-on. In view of the foregoing, there is a need for preserving the broad creative freedom that mashup intermediaries offer while making them safer to use. This need extends beyond the user authentication required for a mashup intermediary to access a subscription-based public data source to include trustworthy access to secure corporate data sources, such as databases. In particular, there is a need to accept the submission of a variety of security token formats from a mashup intermediary and not require that the back-end service providing the user credentials be in the same administration domain as the data source.